Blush FictionBack to home

The Privacy Promise

Your stories stay private by default.

“A daydream is the most private thing a human can own. We treat your stories with care, restraint, and respect.”

Private by Default

Your stories, chats, and characters are private by default. They are not published unless you deliberately choose to share them. Model providers may process your prompts to generate responses, but your content is not public.

Limited Internal Access

Access to content is limited, but support, abuse, safety, debugging, or quality-review workflows may require human review in specific cases.

Your Content, Your Rights

You retain rights to what you create. We need a license to host and operate the service, but we don’t claim ownership of your characters, lore, or stories.

Privacy Policy

Effective date: April 12, 2026

1. Scope

This Privacy Policy describes how BlushFiction collects, uses, stores, and shares personal data when you use the website and services.

2. Data We Collect

  1. 1.Account data: username, email, authentication records, session tokens.
  2. 2.Content data: prompts, generated stories, chat messages, character settings, story settings, feedback, and other content you provide (which may include sensitive or adult content).
  3. 3.Usage data: IP address, user agent, device and browser data, timestamps, page views, and event logs.
  4. 4.Device and cookie data: essential cookies, preferences, and security tokens required to keep you signed in.
  5. 5.Billing data: transaction metadata and status from payment processors. We do not store full card numbers.
  6. 6.Support and trust data: messages, attachments, abuse reports, adult-access verification details, and email preferences.

3. How We Use Data

  1. 1.Provide and operate the service.
  2. 2.Authenticate users and secure accounts.
  3. 3.Process payments and manage subscriptions, top-ups, and access states.
  4. 4.Enforce limits, prevent abuse, and investigate violations.
  5. 5.Review content when needed for support, abuse investigation, safety, debugging, or quality evaluation.
  6. 6.Improve prompts, retrieval, ranking, product features, safety systems, model behavior, reliability, and product performance.
  7. 7.Send operational notices, support responses, and where allowed by law, promotional or re-engagement emails.
  8. 8.Meet legal, regulatory, and audit obligations.

4. Legal Bases

Where required, processing is based on contract necessity, legitimate interests, consent, and legal obligations.

5. Sharing and Processors

We share data only as needed with service providers. We do not sell personal data for cash consideration and we do not share it for cross-context behavioral advertising.

  1. 1.Model and API providers for generation, analysis, and related product workflows.
  2. 2.Payment processors for checkout and billing.
  3. 3.Hosting, infrastructure, logging, analytics, and security vendors.
  4. 4.Email delivery providers for service emails and, where allowed, marketing or re-engagement emails.
  5. 5.Professional advisors or authorities when legally required.

6. Model and AI Processing

  1. 1.We send prompts and relevant context to model providers to generate responses and support features like summaries, quality checks, or safety signals.
  2. 2.We may use de-identified or aggregated data to improve prompts, retrieval, ranking, safety systems, and product performance.
  3. 3.We do not use your private content to train public models that are offered to other customers without your permission. If this ever changes, we will provide notice and choice where required.

7. Cookies and Tracking

  1. 1.Essential cookies are used for authentication, security, and core product functionality.
  2. 2.We may use analytics or performance tools to understand product usage and reliability.
  3. 3.You can control cookies through your browser settings. Disabling cookies may limit features or prevent sign-in.

8. Data Retention

  1. 1.Account and transaction records are kept while your account is active and as required for legal, tax, accounting, and anti-fraud purposes.
  2. 2.Content and chat history are retained until deleted by you, deleted by policy action, or removed according to our retention rules.
  3. 3.Operational logs and security records are retained for a limited period (generally 30–90 days) unless needed for fraud prevention, abuse investigation, or legal obligations.
  4. 4.Restricted or archived accounts may remain visible to you while some parts of the experience are locked.
  5. 5.Backups may persist for a limited period (generally up to 30–60 days) before deletion.

9. Security

We use reasonable technical and organizational safeguards appropriate to data sensitivity. No method of storage or transmission is fully secure.

10. Your Rights

  1. 1.Depending on jurisdiction, you may request access, correction, deletion, objection, restriction, portability, or withdrawal of consent.
  2. 2.EU/UK residents may have rights under GDPR/UK GDPR, including the right to lodge a complaint with a supervisory authority.
  3. 3.California residents may have rights under the CCPA/CPRA, including the right to know, delete, correct, and opt out of sale/share. We do not sell or share personal data for cross-context behavioral advertising.
  4. 4.You can submit requests at any time by contacting support.

11. Adults-Only Service

BlushFiction is not intended for minors. We do not knowingly collect personal data from anyone under 18. We may ask for date of birth, age affirmation, country, and related audit details to control adult access and document compliance.

12. International Transfers

Your data may be processed in countries other than your own where our vendors or infrastructure operate. Where required, we rely on appropriate safeguards such as standard contractual clauses or equivalent transfer mechanisms.

13. Policy Updates

We may revise this Privacy Policy and will post the new effective date.

14. Contact

All inquiries: [email protected]